package br.com.hsp.system.filters;

import java.io.IOException;


import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

@WebFilter(servletNames={"Faces Servlet"})
public class ControleDeAcesso2 implements Filter{
	
	@Override
	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
		String url;
		HttpServletRequest req = (HttpServletRequest) request;
		HttpSession session = req.getSession();
		url = req.getRequestURL().toString();
		System.out.println(url);
		if (session.getAttribute("usuarioCPF") != null) { // logado
			System.out.println(session.getAttribute("usuarioCPF") );
			System.out.println("caso 1");
			if(url.contains("/javax.faces.resource/")) {  //acesso recurso
				chain.doFilter(request, response);
			}
			switch (Integer.parseInt(session.getAttribute("usuarioTipo").toString())) {
			case 1:
				if (url.contains("/paciente/")) {
					chain.doFilter(request, response);
				} else {
					HttpServletResponse res = (HttpServletResponse) response;
					res.sendRedirect("/HSPtesteF2/paciente/acessonegado.xhtml");
				}
				break;
			case 2:
				if (url.contains("/ars/") || !url.contains("relatorio")) {
					chain.doFilter(request, response);
				} else {

					HttpServletResponse res = (HttpServletResponse) response;
					res.sendRedirect("/HSPtesteF2/ars/acessonegado.xhtml");
				}
				break;
			case 3:
				if (url.contains("/medico/")) {
					chain.doFilter(request, response);
				} else {

					HttpServletResponse res = (HttpServletResponse) response;
					res.sendRedirect("/HSPtesteF2/medico/acessonegado.xhtml");
				}
				break;
			case 4:
				if (url.contains("/ars/")) {
					chain.doFilter(request, response);
				} else {
					HttpServletResponse res = (HttpServletResponse) response;
					res.sendRedirect("/HSPtesteF2/ars/acessonegado.xhtml");
				}
				break;
			case 5:
				if (url.contains("/instituicao/")) {
					chain.doFilter(request, response);
				} else {
					HttpServletResponse res = (HttpServletResponse) response;
					res.sendRedirect("/HSPtesteF2/instituicao/acessonegado.xhtml");
				}
				break;
			}
			// chain.doFilter(request, response);
		} else if (req.getRequestURI().endsWith("login.xhtml")){  // nao logado e precisa acessa o login
			System.out.println("caso 2");
			chain.doFilter(request, response);
		} else {												//nao logado e tenta pagina diferente de login
			System.out.println("caso 3");
			System.out.println("redirect");
			HttpServletResponse res = (HttpServletResponse) response;
			res.sendRedirect("/HSPtesteF2/login.xhtml");
			if(url.contains("/javax.faces.resource/")){
				chain.doFilter(request, response);		// acesso aos recursos
			}
		}
		
	}
	
	@Override
	public void init(FilterConfig filterConfig) throws ServletException {
		
	}
	
	@Override
	public void destroy() {
		
	}
	
}
